WordPress founder plays down botnet attack

By James Riches topicIcon Internet News

Users urged to improve username and password

WordPress founder Matt Mullenweg has moved to calm reports of a botnet attacking sites that use the popular platform.

Reports over the weekend suggested a 90,000-strong botnet had been exploring WordPress accounts in search of any that had failed to change their username from the easily detectable 'admin'.

These users have been targeted by the botnet, which tries thousands of commonly used passwords on each vulnerable account it can find.

It is thought that WordPress may have been chosen as the target due to its high popularity, with 64 million sites managed using the service.

This story comes just two weeks after Spamhaus revealed they were dealing with the largest cyber attack in the internet's history.

However, Mr Mullenweg was quick to publish a blog to reassure users, suggesting that the problem was being exaggerated by companies claiming to offer security solutions.

He advised users who had 'admin' as a username to change this immediately, and create an improved password. "Do this and you'll be ahead of 99% of sites out there, and probably never have a problem," he said.

WordPress has also recently provided users with an optional two-step authentication process, which adds a security code to the login procedure for further protection.

Industry experts fear stronger attack

Mr Mullenweg did concede that a botnet of 90,000 computers was certainly capable of bypassing a range of attempts to stop or block it, admitting that it could try accessing accounts from a different IP address every second for 24 hours.

Others have voiced fears that this incident could simply be a "relatively weak" rehearsal for a much stronger attack in the future.

Adrian Mursec, senior developer at theEword, said: "In any situation such as this, the advice will always be the same. If you have a strong password in place from the moment you set up your site, you are much less likely to experience any issues. It's exasperating that so many people are still using default usernames and passwords at this stage."